3

Has anyone been able to use let's encrypt node module (https://git.coolaj86.com/coolaj86/greenlock-express.js) with Sails.js? A little pointer would be helpful.

Daniel
  • 717
  • 6
  • 21
pewpewlasers
  • 3,025
  • 4
  • 31
  • 58
  • Since express middleware in `letsencrypt-express` is marked with `// TODO not sure how well this works` the only option is to patch Sails `http` hook. – Zuker Dec 23 '15 at 11:20
  • @Zuker where was that mentioned? I couldn't find it. Here: https://github.com/Daplie/letsencrypt-express ? – pewpewlasers Dec 23 '15 at 11:33
  • I've found it here: https://github.com/Daplie/letsencrypt-express/blob/v1.0.3/lib/standalone.js#L239 – Zuker Dec 23 '15 at 11:35
  • @Zuker Would you mind updating the link in your comment to https://git.coolaj86.com/coolaj86/greenlock-express.js ? I'm trying to clean up old bad links. – coolaj86 Nov 30 '18 at 02:37
  • I only used it behind a reverse proxy like Nginx and it worked like charm. [Tutorial](https://www.code-skate.com/lets-encrypt-free-ssl-for-your-website-or-blog/) for Nginx and Apache is on this blog. Including the auto-renewal via cronjob. – coderocket Apr 13 '16 at 21:12

2 Answers2

1

Yes, you can use greenlock-express.js for this to achieve SSL with LetsEncrypt directly within the Sails node environment.

The example below:

  1. Configures an HTTP express app using greenlock on port 80 that handles the redirects to HTTPS and the LetsEncrypt business logic.
  2. Uses the greenlock SSL configuration to configure the primary Sails app as HTTPS on port 443.

Sample configuration for config/local.js:

// returns an instance of greenlock.js with additional helper methods
var glx = require('greenlock-express').create({
  server: 'https://acme-v02.api.letsencrypt.org/directory'
  , version: 'draft-11' // Let's Encrypt v2 (ACME v2)
  , telemetry: true
  , servername: 'domainname.com'
  , configDir: '/tmp/acme/'
  , email: 'myemail@somewhere.com'
  , agreeTos: true
  , communityMember: true
  , approveDomains: [ 'domainname.com', 'www.domainname.com' ]
  , debug: true
});

// handles acme-challenge and redirects to https
require('http').createServer(glx.middleware(require('redirect-https')())).listen(80, function () {
  console.log("Listening for ACME http-01 challenges on", this.address());
});

module.exports = {
  port: 443,
  ssl: true,
  http: {
    serverOptions: glx.httpsOptions,
  },
};

Refer to the greenlock documentation for fine-tuning configuration detail, but the above gets an out-of-the-box LetsEncrypt working with Sails.

Note also, that you may wish to place this configuration in somewhere like config/env/production.js as appropriate.

Daniel
  • 717
  • 6
  • 21
0

I had to downgrade green lock to version 2.

double-beep
  • 5,031
  • 17
  • 33
  • 41
xoapit
  • 1
  • 1